1st
I went through the Privacy Rights Clearinghouse website and read out the ext
1st
I went through the Privacy Rights Clearinghouse website and read out the extensive breach of data chronologies. The highly useful data source monitors reported data breaches nationwide in the US and provides insights for advocates, policymakers, journalists, and researchers. In December 2022, Regal Medical Group got on the list of health info breach cases. Over 3.3 million patients were the victims of personal and health information exposure, which resulted from a ransomware cyberattack. The intruders penetrated Regal Medical Centers’ systems, encrypted the data belonging to the patients storing confidential information, and required unscrambling the order of the data to be reversed. Violated data given out consisted of personal information and health data, including medical history, diagnoses, medication, and prescriptions (PrivacyRights, 2024). Affected data was their personal information and data about health, such as medical history, diagnoses, treatment, and prescriptions.
A highly tactical way to bypass data leakage and sustain Electronic Health Records (EHR) and Personal Health Information (PHI) is using Multi-Factor Authentication (MFA). Implementing this means that all medical care providers must have multi-factor authentication whenever they access EHRs. This way, intruders cannot gain access even if their passwords are compromised. Patient portals should also use MFA to authenticate individuals who are accessing their records online. Regular staff training on MFA’s importance and vendor management to ensure third-party vendors also use MFA is essential, along with continuous monitoring of access logs to detect any suspicious activity promptly. By implementing MFA, healthcare organizations can significantly reduce the risk of unauthorized access, protect patient privacy, and enhance overall data security in real-world healthcare settings.
Reference :
PrivacyRights.org | Privacy Rights Clearinghouse. (2024). https://privacyrights.org/
2nd
For this week the topic is data breaches, and the data breach from Health IT Security provides information on a data breach about an insurance broker whose data was breached. Those affected lived in Tennessee and North Georgia. Roughly 56 thousand people were affected by this. The type of information compromised was personal information, such as “names, social security numbers, financial information, and heath information” (Health IT Security). A strategy that could be used to prevent such breaches and protect the privacy of Electronic Health Records and Personal Health Information is through data encryption and secure use of information only. This could be achieved through encrypting the data until a specific password and second verification form are used before the data can be opened. This would prevent creeping eyes or mis-sending of information from occurring. This could also mean that there are specific areas that the data can be accessed in so that phones cannot be used and others cannot see the information.
McKeon, J. (2024, January 31). Insurance broker data breach impacts 1.5M individuals. HealthITSecurity. https://healthitsecurity.com/news/insurance-broker…